We know your monitoring data is extremely important to you and your business,
and we're very protective of it. After all, we use Librato for our own
Need to report a security vulnerability?
Please follow our steps for Responsible Disclosure.
- All private data exchanged with Librato is always transmitted over SSL
(which is why your instruments and dashboards are served over HTTPS, for
instance). All pushing and pulling of private data is done over SSH
authenticated with keys, or over HTTPS using your Librato username and
- The SSH login credentials used to push and pull cannot be used to access a
shell or filesystem. All users are virtual (meaning they have no user
account on our server instances).
- File System & Backups
- Every data point is saved on a minimum of three different servers in
different AWS (Amazon Web Services) Availability Zones and -in addition-
backed up to AWS S3 storage.
- We do not encrypt repositories because it would slow down response times,
and any user with shell access to the file system would have access to the
decryption routine, thus negating any security it provides. Therefore, we
focus on making our infrastructure as secure as possible.
- Employee Access
- No Librato employees ever access private customer data unless required to
for support reasons and with permission from the customer. Support staff
may log into your account to access settings related to your support issue.
In rare cases staff may need to access your data, this will only be done
with your consent. When working a support issue we do our best to respect
your privacy as much as possible, we only access the data and settings
needed to resolve your issue.
- Credit Card Safety
- When you sign up for a paid account on Librato, we do not store any of your
card information on our servers. It's handed off to Chargify, Inc., a
company dedicated to storing your sensitive data on PCI-Compliant servers.
- Contact Us
- Have a question, concern, or comment about Librato security? Please email
- Last Updated: Jan 23, 2014